IPCDN Working Group
INTERNET-DRAFT                                               Doug Jones
draft-jones-cable-gateway-config-mib-00                   YAS Broadband
Expires: April 2003                                        October 2002

                    Cable Gateway Configuration MIB

    Cable Device Management Information Base for CableHome compliant
                          Residential Gateways

Status of this Memo

   This document is an Internet-Draft and is in full conformance with
   all provisions of Section 10 of RFC2026 [1].

   Internet-Drafts are working documents of the Internet Engineering
   Task Force (IETF), its areas, and its working groups. Note that
   other groups may also distribute working documents as
   Internet-Drafts.

   Internet-Drafts are draft documents valid for a maximum of six
   months and may be updated, replaced, or obsoleted by other documents
   at any time. It is inappropriate to use Internet-Drafts as reference
   material or to cite them other than as "work in progress."

   The list of current Internet-Drafts can be accessed at
   http://www.ietf.org/ietf/1id-abstracts.txt

   The list of Internet-Draft Shadow Directories can be accessed at
   http://www.ietf.org/shadow.html.

Abstract

   This memo defines a portion of the Management Information Base (MIB)
   for use with network management protocols in the Internet community.
   In particular, it defines a basic set of managed objects for
   SNMP-based management of DHCP functionality within CableHome 1.0 and
   compliant residential gateways [16].

   This memo specifies a MIB module in a manner that is compliant to
   the SNMP SMIv2 [5][6][7]. The set of objects is consistent with the
   SNMP framework and existing SNMP standards.

   This memo is a product of the IPCDN working group within the
   Internet Engineering Task Force. Comments are solicited and should
   be addressed to the working group's mailing list at ipcdn@ietf.org
   and/or the author.

Jones                      Expires March 2003                  [Page 1]

Internet Draft      Cable Gateway Configuration MIB        October 2002

Conventions used in this document

   The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT",
   "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this
   document are to be interpreted as described in RFC-2119 [2].

Table of Contents

   1. The SNMP Management Framework..................................2
   2. Glossary.......................................................3
      2.1 Cable Gateway Device.......................................3
      2.2 Portal Services............................................3
      2.3 LAN IP Device..............................................4
      2.4 WAN Management (WAN-Man) Address...........................4
      2.5 WAN Data (WAN-Data) Address................................4
      2.6 LAN Translated (LAN-Trans) Address.........................4
      2.7 LAN Passthrough (LAN-Pass) Address.........................4
      2.8 Cable Gateway DHCP Portal (CDP)............................4
   3. Overview.......................................................4
      3.1 Structure of the MIB.......................................5
      3.2 Cable Gateway Configuration System Description.............6
   4. Definitions...................................................16
   5. Acknowledgements..............................................33
   6. References....................................................33
   7. Security Considerations.......................................34
   8. Intellectual Property.........................................35
   9. Author's Address..............................................36
   10. Full Copyright Statement.....................................36

1. The SNMP Management Framework

   The SNMP Management Framework presently consists of five major
   components:

   o  An overall architecture, described in RFC 2571 [1].

   o  Mechanisms for describing and naming objects and events for the
      purpose of management. The first version of this Structure of
      Management Information (SMI) is called SMIv1 and described in
      STD 16, RFC 1155 [2], STD 16, RFC 1212 [3] and RFC 1215 [4]. The
      second version, called SMIv2, is described in STD 58, RFC 2578
      [5], STD 58, RFC 2579 [6] and STD 58, RFC 2580 [7].

   o  Message protocols for transferring management information. The
      first version of the SNMP message protocol is called SNMPv1 and
      described in STD 15, RFC 1157 [8]. A second version of the SNMP
      message protocol, which is not an Internet standards track
      protocol, is called SNMPv2c and described in RFC 1901 [9] and
      RFC 1906 [10]. The third version of the message protocol is
      called SNMPv3 and described in RFC 1906 [10], RFC 2572 [11] and
      RFC 2574 [12].

   o  Protocol operations for accessing management information. The
      first set of protocol operations and associated PDU formats is
      described in STD 15, RFC 1157 [8]. A second set of protocol
      operations and associated PDU formats is described in RFC 1905
      [13].

   o  A set of fundamental applications described in RFC 2573 [14] and
      the view-based access control mechanism described in RFC 2575
      [15].

   Managed objects are accessed via a virtual information store, termed
   the Management Information Base or MIB. Objects in the MIB are
   defined using the mechanisms defined in the SMI.

   This memo specifies a MIB module that is compliant to the SMIv2. A
   MIB conforming to the SMIv1 can be produced through the appropriate
   translations. The resulting translated MIB must be semantically
   equivalent, except where objects or events are omitted because no
   translation is possible (use of Counter64). Some machine readable
   information in SMIv2 will be converted into textual descriptions in
   SMIv1 during the translation process. However, this loss of machine
   readable information is not considered to change the semantics of
   the MIB.

2. Glossary

   The terms in this document are derived either from normal cable
   system usage, from normal residential gateway operation, or from the
   documents associated with the CableHome 1.0 Specification [16].

2.1 Cable Gateway Device

   A cable gateway device passes data traffic between the cable
   operator's broadband data network (the Wide Area Network, WAN) and
   the Local Area Network (LAN) in the cable data service subscriber's
   residence or business. In addition to passing traffic between the
   WAN and LAN, the cable gateway device provides several services
   including a DHCP client and a DHCP server [RFC2131], a TFTP server
   [RFC1350], management services as enabled by SNMPv1/v2c/v3 agent
   compliant with the RFCs listed in Section 1, and security services
   including stateful packet inspection firewall functionality and
   software code image verification using techniques described in
   [RFC3280].

2.2 Portal Services

   A logical element aggregating the set of CableHome-specified
   functionality in a CableHome compliant cable gateway device. The
   Portal Services set of functions is described in [16].

2.3 LAN IP Device

   A LAN IP Device is representative of a typical IP device expected to
   reside on home networks, and is assumed to contain a TCP/IP stack as
   well as a DHCP client.

2.4 WAN Management (WAN-Man) Address

   WAN Management Addresses are intended for network management traffic
   on the cable network between the network management system and the
   PS element. Typically, these addresses will reside in private IP
   address space.

2.5 WAN Data (WAN-Data) Address

   WAN Data Addresses are intended for subscriber application traffic
   on the cable network and beyond, such as traffic between LAN IP
   Devices and Internet hosts. Typically, these addresses will reside
   in public IP address space.

2.6 LAN Translated (LAN-Trans) Address

   LAN Translated Addresses are intended for subscriber application and
   management traffic on the home network between LAN IP Devices and
   the PS element. Typically, these addresses will reside in private IP
   address space, and can typically be reused across subscribers.

2.7 LAN Passthrough (LAN-Pass) Address

   LAN Passthrough Addresses are intended for subscriber application
   traffic, such as traffic between LAN IP Devices and Internet hosts,
   on the home network, the cable network, and beyond. Typically, these
   addresses will reside in public IP address space.

2.8 Cable Gateway DHCP Portal (CDP)

   A logical element residing within the PS that encapsulates DHCP
   functionality within a Cable Gateway Device. This includes both DHCP
   client as well as DHCP server capabilities.

3. Overview

   This MIB provides a set of objects required for the management of
   DHCP client and server functionality within CableHome compliant
   Residential Gateways (RG). The specification is derived from the
   CableHome 1.0 Specification [16].

   The DHCP client within a Cable Gateway will acquire one or more
   addresses from WAN based DHCP servers. Collectively, these are known
   as WAN addresses. These addresses are used for both management
   traffic (WAN management addresses) and data traffic (WAN data
   addresses) to and from the WAN side of the residential gateway.

   The DHCP server within a Cable Gateway will provide private
   addresses to LAN IP Devices. These addresses will be translated to
   and from one of the WAN IP addresses for traffic that enters or
   exits the LAN, and are collectively known as LAN Translated
   Addresses.

   There are a number of logical functional elements used to describe
   Cable Gateway configuration functionality.

   o  The Portal Services (PS) logical element is the functional entity
      that aggregates all specified Cable Gateway capabilities.

   o  The Cable Gateway DHCP Portal (CDP) logical element is the
      functional entity that embodies the Cable Gateway DHCP
      capabilities.

3.1 Structure of the MIB

   This MIB is structured into three groups:

   o  The cabhCdpBase group provides baseline and information for RG
      DHCP client and server functionality, including reset
      information, counts for WAN addresses acquired, and counts for
      LAN addresses served.

   o  The cabhCdpAddr group provides information about dynamically
      acquired and served addresses within the RG, and includes the
      following tables:

      -  cabhCdpLanAddrTable: information and reservations for
         addresses served to the LAN

      -  cabhCdpWanDataAddrTable: WAN address acquisition information

      -  cabhCdpWanDataAddrServerTable: WAN based DNS server
         information

   o  The cabhCdpServer group provides information about the RG DHCP
      service (address pool range, subnet information, RG Based server
      info, etc.).

3.2 Cable Gateway Configuration System Description

   The functional element which encapsulates DHCP functionality within
   the Cable Gateway is known as the Cable Gateway DHCP Portal (CDP).

   The CDP operating assumptions include:

   o  LAN IP Devices implement a DHCP client as defined by [RFC 2131].

   o  The cable network provisioning system implements a DHCP server as
      defined by [RFC 2131].

   o  If the cable network provisioning system's DHCP server supports
      DHCP Option 61 (client identifier option), the WAN-Man and all
      WAN-Data IP interfaces can share a common MAC address.

   o  LAN IP Devices may support various DHCP Options and BOOTP Vendor
      Extensions, allowed by [RFC 2132].

   The following design guidelines drive the capabilities defined for
   the CDP:

   o  CableHome addressing mechanisms will be MSO controlled, and will
      provide MSO knowledge of and accessibility to CableHome network
      elements and LAN IP Devices.

   o  CableHome address acquisition and management processes will not
      require human intervention (assuming that a user/household
      account has already been established).

   o  CableHome address acquisition and management will be scalable to
      support the expected increase in the number of LAN IP devices.

   o  It is preferable for LAN IP Device addresses to remain the same
      after events such as a power cycle or Internet Service Provider
      switch.

   o  CableHome will provide a mechanism by which the number of LAN IP
      Devices in the LAN-Trans realm can be monitored and controlled.

   o  In home communication will continue to work as provisioned during
      periods of Headend address server outage. Addressing support will
      be provided for newly added LAN IP Devices and address
      expirations during remote address server outages.

   o  IP addresses will be conserved when possible (both globally
      routable addresses and private cable network management
      addresses).

3.2.1 Cable Gateway DHCP Portal (CDP) System Description

   The Cable Gateway DHCP Portal is the logical entity that is
   responsible for CableHome addressing activities. The CDP address
   request and address allocation responsibilities within the CableHome
   environment include:

   o  IP address assignment, IP address maintenance, and the delivery
      of configuration parameters (via DHCP) to LAN IP Devices in the
      LAN-Trans Address Realm.

   o  Acquisition of a WAN-Man and zero or more WAN-Data IP addresses
      and associated DHCP configuration parameters for the Portal
      Services (PS) element.

   o  Provide information to the CableHome Name Portal (CNP) in support
      of LAN IP Device host name services.

   The PS maintains two hardware addresses, one of which is to be used
   to acquire an IP address for management purpose, the other could be
   used for the acquisition of one or more IP address(es) for data.
   To prevent hardware address spoofing, the PS does not allow either
   of the two hardware addresses to be modified.

   The Portal Services element requires an IP Address on the home LAN
   for its role on the LAN as a router (see Section 8, Packet Handling
   and Address Translation), DHCP Server (CDS), and DNS Server. For
   each of these three Portal Service Element server and router
   functions, a LAN IP address is saved in the PS database. Each can be
   accessed via a different MIB object, which are listed below:

   o  Router (default gateway) Address
         cabhCdpServerRouter

   o  Domain Name Server (DNS) Address
         cabhCdpServerDnsAddress

   o  Dynamic Host Configuration Server (DHCP) (CDS) Address
         cabhCdpServerDhcpAddress

   The default value of cabhCdpServerRouter is 192.168.0.1. The default
   values of cabhCdpServerDnsAddress and cabhCdpServerDhcpAddress are
   equal to the value of cabhCdpServerRouter.

   The CDP capabilities are embodied by two functional elements
   residing within the CDP:

   o  the Cable Gateway DHCP Server (CDS)

   o  the Cable Gateway DHCP Client (CDC).

   The CDC exchanges DHCP messages with the DHCP server in the cable
   network (WAN Management address realm) to acquire an IP address and
   DHCP options for the PS, for management purposes. The CDC could also
   exchange DHCP messages with the DHCP server in the cable network
   (WAN-Data address realm) to acquire zero or more IP address(es) on
   behalf of LAN IP Devices in the LAN-Trans realm.

   The CDS exchanges DHCP messages with LAN IP Devices in the LAN-Trans
   realm, and assigns private IP addresses, grants leases to, and could
   provide DHCP options to DHCP clients within those LAN IP Devices.

   LAN IP Devices in the LAN-Pass realm receive their IP addresses,
   leases, and DHCP options directly from the DHCP server in the cable
   network. The CDP simply bridges DHCP messages between the DHCP
   server in the cable network and LAN IP Devices in the LAN-Pass
   realm.

   The following figure illustrates these concepts.

                     +---------------------+
                     |    Cable Gateway    |
                     |                     |
                     | /-----------------\ |
         Wan-Data    | |       CDP       | |   Lan-Pass
SERVICE  Realm       | |                 | |   Realm
PROVIDER--------*-----------------------------------------LAN IP Dev
                 \   | |                 | |
                  \  | | /*****\ /*****\ | |
                   \---------  | |     | | |
MSO                  | | | CDC | | CDS | | |
NETWORK----------------------  | |    --------------------LAN IP Dev
Wan-Man              | | |     | |     | | |   Lan-Trans
Realm                | | |     | |     | | |   Realm
                     | | \*****/ \*****/ | |
                     | |                 | |
                     | \-----------------/ |
                     |                     |
                     +---------------------+

3.2.1.1 Cable Gateway DHCP Server (CDS) System Description

   The CDS is a standard DHCP server as defined in [RFC 2131], and
   responsibilities include:

   o  The CDS assigns addresses to and delivers DHCP configuration
      parameters to LAN IP Devices receiving an address in the
      LAN-Trans address realm. The CDS learns DHCP options from the NMS
      system and provides these DHCP options to LAN IP Devices. If DHCP
      options have not been provided by the NMS system (for example
      when the PS boots during a cable outage), the CDS relies on
      built-in default values (DefVals) for required options.

   o  The CDS is able to provide DHCP addressing services to LAN IP
      Devices, independent of the WAN connectivity state.

   o  The number of addresses supplied by the CDS to LAN IP Devices is
      controllable by the NMS system. The behavior of the CDS when a
      cable operator settable limit is exceeded is also configurable
      via the NMS. Possible CDS actions when the limit is exceeded
      include (1) assign a LAN-Trans IP address and treat the WAN to
      LAN CAT interconnection as would normally occur if the limit had
      not been exceeded and (2) do not assign an address to requesting
      LAN IP devices. An address threshold setting of 0 indicates the
      maximum threshold possible for the LAN-Trans IP address pool
      defined by the pool "start" (cabhCdpLanPoolStart) and "end"
      (cabhCdpLanPoolEnd) values.

   o  In the absence of time of day information from the Time of Day
      (ToD) server, the CDS uses the PS default starting time of 0
      (January 1, 1970), updates the Expire Time for any active leases
      in the LAN-Trans realm to re-synchronize with DHCP clients in LAN
      IP Devices, and maintains leases based on that starting point
      until the PS synchronizes with the Time of Day server in the
      cable network.

   o  During the PS Boot process, the CDS remains inactive until
      activated by the PS.

   o  If the PS Primary Packet-handling mode (cabhCapPrimaryMode) has
      been set to Passthrough AND the PS provisioning process has
      completed (as indicated by cabhPsDevProvState = pass(1)), then
      the CDS is disabled.

   LAN IP Devices may receive addresses that reside in the LAN-Pass
   realm. As shown in Figure 7-2, LAN-Pass address requests are served
   by the WAN addressing infrastructure, not the PS. LAN-Pass
   addressing processes will occur when the PS is configured to operate
   in Passthrough Mode or Mixed Bridging/Routing Mode. In these cases,
   DHCP interactions will take place directly between LAN IP Devices
   and Headend servers, and CableHome does not specify the process.

   Throughout this document, the terms Dynamic Allocation and Manual
   Allocation are used as defined in [RFC 2131].

   The CDS Provisioned DHCP Options, cabhCdpServer objects in the CDP
   MIB, are DHCP Options that can be provisioned by the NMS, and are
   offered by the CDS to LAN IP devices assigned a LAN-Trans address.
   CDS Provisioned DHCP Options, cabhCdpServer objects, persist after a
   PS power cycle and the NMS system can establish, read, write and
   delete these objects. CDS Provisioned DHCP Options, cabhCdpServer
   objects, are retained during periods of cable outage and these
   objects are offered to LAN IP devices assigned a LAN-Trans address
   during periods of cable outage. The CDC persistent storage of DHCP
   options is consistent with [RFC 2131] section 2.1.

   The default values of CDS Provisioned DHCP Options, cabhCdpServer
   objects, are defined and the NMS can reset the CDS Provisioned DHCP
   Options, cabhCdpServer objects, to their default values, by writing
   to the cabhCdpSetToFactory MIB object.

   The CDS Address Threshold (cabhCdpLanTrans) objects contain the
   event control parameters used by the CDS to signal the CMP to
   generate a notification to the Headend management system, when the
   number of LAN-Trans addresses assigned by the CDS exceeds the preset
   threshold.

   The Address Count (cabhCdpLanTransCurCount) object is a value
   indicating the number of LAN-Trans addresses assigned by the CDS
   that have active DHCP leases.

   The Address Threshold (cabhCdpLanTransThreshold) object is a value
   indicating when a notification is generated to the Headend
   management system. The notification is generated when the CDS
   assigns an address to the LAN IP Device that causes the Address
   Count (cabhCdpLanTransCurCount) to exceed the Address Threshold
   (cabhCdpLanTransThreshold).

   The Threshold Exceeded Action (cabhCdpLanTransAction) is the action
   taken by the CDS while the Address Count (cabhCdpLanTransCurCount)
   exceeds the Address Threshold (cabhCdpLanTransThreshold). If the
   Threshold Exceeded Action (cabhCdpLanTransAction) allows address
   assignments after the count is exceeded, the notification is
   generated each time an address is assigned. The defined actions are
   a) assign a LAN-Trans address as normal, and b) do not assign an
   address to the next requesting LAN IP Device. The Address Count
   (cabhCdpLanTransCurCount) continues to be updated during periods of
   cable outage.

   The CDS MIB also contains the Address Pool Start
   (cabhCdpLanPoolStart) and Address Pool End (cabhCdpLanPoolEnd)
   parameters. These parameters indicate the range of addresses in the
   LAN-Trans realm that can be assigned by the CDS to LAN IP Devices.
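
   The threshold behaviour described above, modelled in Python as an
   added example (not code from this draft or from CableHome). It
   assumes a literal reading of the text: the assignment that pushes
   the count over the threshold still succeeds and raises the
   notification, and action b) applies only while the count is above
   the threshold. The class, the action labels and the sample pool are
   constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass, field

# Labels for the two defined actions; the names are hypothetical.
ASSIGN_NORMAL = "assign-as-normal"   # action a) in the text
NO_ASSIGNMENT = "do-not-assign"      # action b) in the text


@dataclass
class CdsModel:
    """Toy model of CDS LAN-Trans assignment with the address threshold."""
    pool_start: str                  # cabhCdpLanPoolStart
    pool_end: str                    # cabhCdpLanPoolEnd
    threshold: int = 0               # cabhCdpLanTransThreshold (0 = pool maximum)
    action: str = ASSIGN_NORMAL      # cabhCdpLanTransAction
    leases: dict = field(default_factory=dict)         # client id -> address
    notifications: list = field(default_factory=list)  # (client, addr, count)

    def __post_init__(self):
        self._start = int(ipaddress.IPv4Address(self.pool_start))
        self._end = int(ipaddress.IPv4Address(self.pool_end))
        if self._end < self._start:
            raise ValueError("pool end precedes pool start")

    @property
    def pool_size(self):
        return self._end - self._start + 1

    @property
    def cur_count(self):
        """cabhCdpLanTransCurCount: addresses with active leases."""
        return len(self.leases)

    @property
    def effective_threshold(self):
        # A setting of 0 means the largest threshold the pool allows.
        return self.pool_size if self.threshold == 0 else self.threshold

    def _next_free(self):
        used = set(self.leases.values())
        for n in range(self._start, self._end + 1):
            addr = str(ipaddress.IPv4Address(n))
            if addr not in used:
                return addr
        return None

    def request(self, client_id):
        """Handle one address request; return the address or None."""
        if client_id in self.leases:
            return self.leases[client_id]       # existing lease, count unchanged
        if (self.cur_count > self.effective_threshold
                and self.action == NO_ASSIGNMENT):
            return None                         # refused while count is exceeded
        addr = self._next_free()
        if addr is None:
            return None                         # pool exhausted
        self.leases[client_id] = addr
        if self.cur_count > self.effective_threshold:
            # This is where the CDS would signal the CMP to notify the Headend.
            self.notifications.append((client_id, addr, self.cur_count))
        return addr

    def release(self, client_id):
        """Lease expiry or release lowers the active count."""
        self.leases.pop(client_id, None)


def run_scenario(action, threshold=3, clients=6):
    """Constructed sample: a 10-address pool and sequential requests."""
    cds = CdsModel("192.168.0.10", "192.168.0.19", threshold, action)
    results = [cds.request(f"dev-{i}") for i in range(1, clients + 1)]
    return cds, results


if __name__ == "__main__":
    for act in (ASSIGN_NORMAL, NO_ASSIGNMENT):
        cds, results = run_scenario(act)
        print(act, results, cds.notifications)
```

   An operator watching these notifications sees every LAN IP Device
   that joins beyond the provisioned limit, whichever action is set.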

   The CDP LAN Address Table (cabhCdpLanAddrTable) contains the list of
   parameters associated with addresses allocated to LAN IP Devices
   with LAN-Trans addresses. These parameters include:

   1. The Client Identifiers [RFC 2132] section 9.14
      (cabhCdpLanAddrClientID)

   2. The LAN IP address assigned to the client (cabhCdpLanAddrIp)

   3. An indication that the address was allocated either manually or
      dynamically (via the CDP) (cabhCdpLanAddrConfig)

   The CDS stores information about the identification of a LAN IP
   Device in the object cabhCdpLanAddrClientID. The first priority for
   the value to be stored in this object is the Client ID value passed
   by the LAN IP Device in DHCP Option 61, Client Identifier. If no
   value is passed in Option 61, the CDS stores the value passed in the
   chaddr field of the DHCP DISCOVER message issued by the LAN IP
   Device.

   The CDS creates a CDP Table (cabhCdpLanAddrTable) entry when it
   allocates an IP address to a LAN IP Device. The CDS can create CDP
   Table (cabhCdpLanAddrTable) entries during periods of cable outage.
   The CDP Table (cabhCdpLanAddrTable) maintains a DHCP lease time for
   each LAN IP Device. NMS-provisioned CDP Table (cabhCdpLanAddrTable)
   entries are retained during periods of cable outage and persist
   across a PS power-cycle.

3.2.1.1 Cable Gateway DHCP Client (CDC) System Description

   The CDC is a standard DHCP client as defined in [RFC 2131], and
   responsibilities include:

   o  The CDC makes requests to Headend DHCP servers for the
      acquisition of addresses in the WAN-Man and may make requests to
      Headend DHCP servers for the acquisition of addresses in the
      WAN-Data address realms. The CDC also understands and acts upon a
      number of CableHome DHCP configuration parameters.

   o  The CDC supports acquisition of one WAN-Man IP address and zero
      or more WAN-Data IP addresses.

   o  The CDC supports the Vendor Class Identifier Option (DHCP option
      60), the Vendor Specific Information option (DHCP Option 43), and
      the Client Identifier Option (DHCP option 61).

   o  In the default case, the CDC will acquire a single IP address for
      simultaneous use by the WAN-Man and WAN-Data IP interfaces. In
      order to minimize changes needed to existing Headend DHCP
      servers, the use of a Client Identifier (DHCP option 61) by the
      CDC is not required in this default case.

   The CDP supports various DHCP Options and BOOTP Vendor Extensions,
   allowed by [RFC 2132].

   The Vendor Class Identifier Option (DHCP option 60) defines a
   CableLabs device class. For CableHome 1.0, the Vendor Class
   Identifier Option will contain the string "CableHome1.0", to
   identify a CableHome 1.0 Portal Services (PS) logical element,
   whenever the CDC requests a WAN-Man or WAN-Data address.

   The Vendor Specific Information option (DHCP Option 43) further
   identifies the type of device and its capabilities. It describes the
   type of component that is making the request (embedded or
   standalone, CM or PS), the components that are contained in the
   device (CM, MTA, PS, etc.), the device serial number, and also
   allows device specific parameters. {add reference to CH spec and the
   DHCP options table}

   The WAN-Data IP Address count parameter of the CDP MIB
   (cabhCdpWanDataIpAddrCount) is the number of IP address leases the
   CDC is required to attempt to acquire for the WAN side of NAT and
   NAPT mappings. The default value of cabhCdpWanDataIpAddrCount is
   zero, which means that, by default, the CDC will acquire only a
   WAN-Man IP address.

3.2.1.1.1 Cable Gateway DHCP Client Option 61

   The CableHome PS element can have one or more WAN IP addresses
   associated with one or more link layer (e.g. MAC) interfaces.
   Therefore, the CDC cannot rely solely on a MAC address as a unique
   client identifier value.
   CableHome allows for the use of the Client Identifier Option (DHCP
   option 61), [RFC 2132] section 9.14, to uniquely identify the
   logical WAN interface associated with a particular IP address. The
   PS is required to have two hardware addresses: one to be used to
   uniquely identify the logical WAN interface associated with the
   WAN-Man IP address (WAN-Man hardware address) and the other to be
   used to uniquely identify the logical WAN interface associated with
   WAN-Data IP addresses (WAN-Data hardware address).

3.2.1.1.2 WAN Address Modes

   In order to enable compatibility with as many cable operator
   provisioning systems as possible, the CDC will support the following
   configurable WAN Address Modes:

   o  WAN Address Mode 0: The PS Element makes use of a single WAN IP
      Address, acquired via DHCP using the WAN-Man hardware address.
      The PS Element has one WAN-Man IP Interface and zero WAN-Data IP
      Interfaces. This Address Mode is only applicable when the PS
      Primary Packet-handling Mode (cabhCapPrimaryMode) is set to
      Passthrough (refer to Section 8.3.2). The cable operator's
      Headend DHCP server typically needs no software modifications to
      support this Address Mode. In WAN Address Mode 0, the value of
      cabhCdpWanDataIpAddrCount is zero.

   o  WAN Address Mode 1: The PS Element makes use of a single WAN IP
      Address, acquired via DHCP using the WAN-Man hardware address.
      The PS Element has one WAN-Man IP Interface and one WAN-Data IP
      Interface. These two Interfaces share a single, common IP
      address. This Address Mode is only applicable when the PS Primary
      Packet-handling Mode (cabhCapPrimaryMode) is set to NAPT. The
      cable operator's Headend DHCP server typically needs no software
      modifications to support this Address Mode. In WAN Address Mode
      1, the value of cabhCdpWanDataIpAddrCount is zero.

   o  WAN Address Mode 2: The PS Element acquires a WAN-Man IP address
      using the unique WAN-Man hardware address, and is subsequently
      configured by the NMS to request one or more unique WAN-Data IP
      Address(es). The PS Element will have one WAN-Man and one or more
      WAN-Data IP Interface(s). All WAN-Data IP addresses will share a
      common hardware address that is unique from the WAN-Man hardware
      address. The two or more Interfaces (one WAN-Man and one or more
      WAN-Data) each has its own, unshared IP address. The CDP is
      configured by the cable operator to operate in WAN Address Mode 2
      by writing a nonzero value to cabhCdpWanDataIpAddrCount, via the
      PS Configuration File or an SNMP set-request. This Address Mode
      is applicable when the PS Primary Packet-handling Mode
      (cabhCapPrimaryMode) is set to NAPT or NAT. The cable operator's
      Headend DHCP server might need software modification to include
      support for Client IDs (DHCP Option 61) so that it can assign
      multiple IP addresses to the single WAN-Data hardware address.

   There are four potential scenarios for WAN-Data IP addresses:

   1. The PS is configured to request zero WAN-Data IP addresses. No
      WAN-Data Client IDs are needed.

   2. The PS is configured to request one or more WAN-Data IP addresses
      and there are no MSO-configured cabhCdpWanDataAddrClientId
      entries in the CDP MIB. The PS is required to auto-generate as
      many unique WAN-Data Client IDs as the value of
      cabhCdpWanDataIpAddrCount.

   3. The PS is configured to request one or more WAN-Data IP addresses
      and there are at least as many MSO-configured
      cabhCdpWanDataAddrClientId entries as the value of
      cabhCdpWanDataIpAddrCount, i.e., the MSO has provisioned enough
      WAN-Data Client ID values. The PS does not auto-generate any
      Client IDs.

   4. The PS is configured to request one or more WAN-Data IP addresses
      and there are fewer MSO-configured cabhCdpWanDataAddrClientId
      entries than the value of cabhCdpWanDataIpAddrCount, i.e., the
      MSO has provisioned some but not provisioned enough WAN-Data
      Client ID values. The PS is required to auto-generate enough
      additional unique WAN-Data Client IDs to bring the total number
      of unique WAN-Data Client IDs to the value of
      cabhCdpWanDataIpAddrCount.

   If the cable operator desires for the PS to acquire one or more
   WAN-Data IP addresses, that are distinct from the WAN-Man IP
   address, the procedure is as follows. For all WAN Address Modes, the
   PS first requests a WAN-Man IP address using the WAN-Man hardware
   address. The procedure described below assumes the PS has already
   acquired a WAN-Man IP address:

   1. The cable operator optionally provisions the PS with unique
      specific Client IDs, by writing values to the
      cabhCdpWanDataAddrClientId entries of the CDP MIB's
      cabhCdpWanDataAddrTable, via the PS Configuration File or SNMP
      set-request message(s).

   2. The cable operator configures the CDP to operate in WAN Address
      Mode 2 by writing cabhCdpWanDataIpAddrCount to a nonzero value
      through the PS Configuration File or SNMP set-request message.

   3. After the CDP has been configured to operate in WAN Address Mode
      2 as described in step 2), the PS checks to see if Client ID
      values have been provisioned by the NMS as described in step 1).
      If a number of Client ID values greater than or equal to the
      value of cabhCdpWanDataIpAddrCount have been provisioned, the PS
      uses these values in DHCP Option 61 when requesting the WAN-Data
      IP address(es).
      If Client ID values have not been provisioned, i.e., if the
      cabhCdpWanDataAddrClientId entries do not exist, or if the number
      of Client ID values provisioned is less than the value of
      cabhCdpWanDataIpAddrCount, the PS generates a number of unique
      Client ID values such that in combination with the provisioned
      Client IDs, the total number of unique Client IDs equals the
      value of cabhCdpWanDataIpAddrCount.

      The PS generates Client ID values by using the WAN-Data hardware
      address alone for the first requested WAN-Data IP address, and by
      concatenating the WAN-Data hardware address with a count that is
      8 bits in length for the second and all subsequent WAN-Data IP
      addresses. If no Client IDs have been provisioned by the NMS, the
      first 8-bit Count value is 0x02 (indicating the second requested
      WAN-Data IP address), the second count value is 0x03, and so on.

      Example for the case when no Client IDs have been provisioned by
      the network management system:

         Given WAN-Data hardware address 0xCDCDCDCDCDCD

         PS-generated Client ID for the first requested WAN-Data IP
         address: 0xCDCDCDCDCDCD

         PS-generated Client ID for the second requested WAN-Data IP
         address: 0xCDCDCDCDCDCD02

         PS-generated Client ID for the third requested WAN-Data IP
         address: 0xCDCDCDCDCDCD03

         PS-generated Client ID for the nth requested WAN-Data IP
         address: 0xCDCDCDCDCDCDn (n=<0xFF)

      If some Client IDs have been provisioned by the NMS but the
      number is less than the value of cabhCdpWanDataIpAddrCount, the
      PS generates additional Client IDs as needed to bring the total
      number of Client IDs to the value of cabhCdpWanDataIpAddrCount.
      The PS will generate these additional Client ID values by
      appending an 8-bit count value to the WAN-Data hardware address,
      starting with 0x02, unless that would duplicate a provisioned
      Client ID.
   If the Client IDs provisioned by the NMS follow the same format
   (hardware address with 8-bit count value), the PS is required to
   use a unique count value so as to not duplicate a provisioned
   Client ID.

   Example for the case when Client IDs have been provisioned by the
   NMS (three provisioned Client ID values,
   cabhCdpWanDataIpAddrCount = 5):

      Given WAN-Data hardware address 0xCDCDCDCDCDCD

      First provisioned Client ID for the first WAN-Data IP address:
      0x0A0A0A0A0A1A

      Second provisioned Client ID for the second WAN-Data IP
      address: 0x0A0A0A0A0A2A

      Third provisioned Client ID for the third WAN-Data IP address:
      0x0A0A0A0A0A3A

      First Client ID generated by the PS for the fourth requested
      WAN-Data IP address: 0xCDCDCDCDCDCD02

      Second Client ID generated by the PS for the fifth requested
      WAN-Data IP address: 0xCDCDCDCDCDCD03

4. The PS adds the Client ID values it generates as
   cabhCdpWanDataAddrClientId entries to the end of the
   cabhCdpWanDataAddrTable.

5. The PS (CDC) requests (repeating the DHCP DISCOVER process as
   needed) as many unique WAN-Data IP addresses as the value of
   cabhCdpWanDataIpAddrCount specifies, using the WAN-Data hardware
   address in the chaddr field of the DHCP message and the Client ID
   value(s) from step 3) in DHCP Option 61, beginning with the first
   cabhCdpWanDataAddrClientId entry of the cabhCdpWanDataAddrTable.
   The CDC is not permitted to request more WAN-Data IP addresses
   than the value of cabhCdpWanDataIpAddrCount, even if the number of
   provisioned Client IDs is greater than the value of
   cabhCdpWanDataAddrTable.

4. Definitions

CABH-CDP-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY,
    OBJECT-TYPE,
    Integer32,
    Unsigned32              FROM SNMPv2-SMI
    TEXTUAL-CONVENTION,
    TruthValue,
    TimeStamp,
    RowStatus               FROM SNMPv2-TC
    OBJECT-GROUP,
    MODULE-COMPLIANCE       FROM SNMPv2-CONF
    InetAddressType,
    InetAddress             FROM INET-ADDRESS-MIB
    SnmpAdminString         FROM SNMP-FRAMEWORK-MIB
    clabProjCableHome       FROM CLAB-DEF-MIB;

--===================================================================
--
-- History:
--
-- Date       Modified by   Reason
-- 04/05/02                 Issued I01
-- 09/20/02                 Issued I02
-- 10/25/02                 IETF I-D revisions
--
--===================================================================

cabhCdpMib MODULE-IDENTITY
    LAST-UPDATED "200210250000Z" -- October 25, 2002
    ORGANIZATION "CableLabs Broadband Access Department"
    CONTACT-INFO
        "Kevin Luehrs
         Postal: Cable Television Laboratories, Inc.
                 400 Centennial Parkway
                 Louisville, Colorado 80027-1266
                 U.S.A.
         Phone:  +1 303-661-9100
         Fax:    +1 303-661-9199
         E-mail: k.luehrs@cablelabs.com"
    DESCRIPTION
        "This MIB module supplies the basic management objects
         for the Cable Gateway DHCP Portal (CDP) portion of the
         PS database.

         Acknowledgements:
         Roy Spitzer - Consultant to CableLabs
         Mike Mannette - Consultant to CableLabs
         Randy Dunton - Intel
         Dmitrii Loukianov - Intel
         Itay Sherman - Texas Instruments
         Chris Zacker - Broadcom
         Rick Vetter - Consultant to CableLabs
         John Bevilacqua - YAS"
    ::= { clabProjCableHome 4 }

-- Textual conventions

CabhCdpLanTransDhcpClientId ::= TEXTUAL-CONVENTION
    STATUS      current
    DESCRIPTION
        "LAN-Trans DHCP option61 information."
    SYNTAX      OCTET STRING (SIZE (1..80))

cabhCdpObjects  OBJECT IDENTIFIER ::= { cabhCdpMib 1 }
cabhCdpBase     OBJECT IDENTIFIER ::= { cabhCdpObjects 1 }
cabhCdpAddr     OBJECT IDENTIFIER ::= { cabhCdpObjects 2 }
cabhCdpServer   OBJECT IDENTIFIER ::= { cabhCdpObjects 3 }

--
-- The following group describes the base objects in the Cable Home
-- DHCP Portal. The rest of this group deals with addresses defined
-- on the LAN side.
--

cabhCdpSetToFactory OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Setting this object to true(1) causes the DHCP default
         options to be returned back to factory defaults and all
         current mappings to use the factory default settings at
         the next lease renewal time. Reading this object always
         returns false(2). When cabhCdpSetToFactory is set to
         true, the following actions occur:
         1. Reset all default CDS DHCP options to the factory
            defaults.
         2. The CDS will offer the factory default DHCP options
            at the next lease renewal time.

         The objects set to factory defaults are:
         cabhCdpLanTransThreshold,
         cabhCdpLanTransAction,
         cabhCdpWanDataIpAddrCount,
         cabhCdpLanStartType,
         cabhCdpLanPoolStart,
         cabhCdpLanPoolEndType,
         cabhCdpLanPoolEnd,
         cabhCdpNetworkNumber,
         cabhCdpServerSubnetMaskType,
         cabhCdpServerSubnetMask,
         cabhCdpServerTimeOffset,
         cabhCdpServerRouterType,
         cabhCdpServerRouter,
         cabhCdpServerDnsAddressType,
         cabhCdpServerDnsAddress,
         cabhCdpServerSyslogAddressType,
         cabhCdpServerSyslogAddress,
         cabhCdpServerDomainName,
         cabhCdpServerTTL,
         cabhCdpServerInterfaceMTU,
         cabhCdpServerVendorSpecific,
         cabhCdpServerLeaseTime,
         cabhCdpServerDhcpAddressType,
         cabhCdpServerDhcpAddress"
    REFERENCE ""
    ::= { cabhCdpBase 1 }

cabhCdpLanTransCurCount OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The current number of LAN-Trans IP addresses for
         Translated addresses (NAT and NAPT Interconnects). This
         is a count of LAN side addresses."
    REFERENCE ""
    ::= { cabhCdpBase 2 }

cabhCdpLanTransThreshold OBJECT-TYPE
    SYNTAX      INTEGER (0..65533)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The threshold number of LAN-Trans IP addresses allocated
         or assigned above which the PS generates an alarm
         condition. Whenever an attempt is made to allocate a
         LAN-Trans IP address when cabhCdpLanTransCurCount is
         greater than or equal to cabhCdpLanTransThreshold, an
         event is generated. A value of 0 indicates that the CDP
         sets the threshold at the highest number of addresses in
         the LAN address pool."
    DEFVAL { 0 }
    ::= { cabhCdpBase 3 }

cabhCdpLanTransAction OBJECT-TYPE
    SYNTAX      INTEGER {
                    normal (1),
                    noAssignment (2)
                }
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The action taken when the CDS assigns a LAN-Trans address
         and the number of LAN-Trans addresses assigned
         (cabhCdpLanTransCurCount) is greater than the threshold
         (cabhCdpLanTransThreshold). The actions are as follows:
         normal - assign a LAN-Trans IP address and treat the
         interconnection between the LAN and WAN as would
         normally occur if the threshold was not exceeded.
         noAssignment - do not assign a LAN-Trans IP address and
         do not create an interconnection"
    REFERENCE ""
    DEFVAL { normal }
    ::= { cabhCdpBase 4 }

cabhCdpWanDataIpAddrCount OBJECT-TYPE
    SYNTAX      INTEGER ( 0..63 )
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "This is the number of WAN-Data IP addresses that the CDC
         needs to acquire via DHCP."
    REFERENCE ""
    DEFVAL { 0 }
    ::= { cabhCdpBase 5 }

--
-- CDP Address Management Tables
--

--===================================================================
--
-- cabhCdpLanAddrTable (CDP LAN Address Table)
--
-- The cabhCdpLanAddrTable contains the DHCP parameters
-- for each IP address served to the LAN-Trans realm.
--
-- This table contains a list of entries for the LAN side CDP
-- parameters. These parameters can be set either by the CDP or by
-- the cable operator through the CMP.
--
--===================================================================

cabhCdpLanAddrTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF CabhCdpLanAddrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This table is a list of LAN-Trans realm parameters. This
         list has one entry for each allocated LAN-Trans IP
         address."
    ::= { cabhCdpAddr 1 }

cabhCdpLanAddrEntry OBJECT-TYPE
    SYNTAX      CabhCdpLanAddrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "List of general parameters for CDP mappings."
    INDEX { cabhCdpLanAddrIpType, cabhCdpLanAddrIp }
    ::= { cabhCdpLanAddrTable 1 }

CabhCdpLanAddrEntry ::= SEQUENCE {
    cabhCdpLanAddrIpType            InetAddressType,
    cabhCdpLanAddrIp                InetAddress,
    cabhCdpLanAddrClientID          CabhCdpLanTransDhcpClientId,
    cabhCdpLanAddrLeaseCreateTime   TimeStamp,
    cabhCdpLanAddrLeaseExpireTime   TimeStamp,
    cabhCdpLanAddrMethod            INTEGER,
    cabhCdpLanAddrHostName          SnmpAdminString,
    cabhCdpLanAddrRowStatus         RowStatus
    }

cabhCdpLanAddrIpType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The address type assigned on the LAN side for the CDP
         Address Table."
    ::= { cabhCdpLanAddrEntry 1 }

cabhCdpLanAddrIp OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The address assigned on the LAN side for the CDP Address
         Table. This parameter is entered by the CDP when the CDS
         grants a lease to a LAN IP Device in the LAN-Trans realm
         and creates a row in this table.
         Alternatively, this parameter can be created by the NMS
         through the CMP, when the NMS creates a new DHCP address
         reservation by accessing the cabhCdpLanAddrRowStatus
         object with an index comprised of a new cabhCdpLanAddrIp
         and its Type."
    ::= { cabhCdpLanAddrEntry 2 }

cabhCdpLanAddrClientID OBJECT-TYPE
    SYNTAX      CabhCdpLanTransDhcpClientId
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The client ID as indicated in Option 61 of the DHCP
         Discover. There is a one-to-one relationship between the
         Client ID and the assigned LAN address. This parameter is
         entered by the CDP when the CDS grants a lease to a LAN
         IP Device in the LAN-Trans realm and creates a row in
         this table. Alternatively, this parameter can be created
         by the NMS through the CMP, when the NMS creates a new
         DHCP address reservation by accessing the
         cabhCdpLanDataAddrRowStatus object with an index
         comprised of a new cabhCdpLanAddrIp and a new
         cabhCdpLanAddrClientID."
    ::= { cabhCdpLanAddrEntry 3 }

cabhCdpLanAddrLeaseCreateTime OBJECT-TYPE
    SYNTAX      TimeStamp
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The time the LAN side of the CDP LAN Table was created.
         This entry is only set when the cabhCdpLanAddrTable entry
         is created and the entry does not already exist. In other
         words, this value is not overwritten at lease renewal
         time."
    ::= { cabhCdpLanAddrEntry 4 }

cabhCdpLanAddrLeaseExpireTime OBJECT-TYPE
    SYNTAX      TimeStamp
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "This is the time that the LAN side lease expires. When
         the lease expires this entry will be deleted from the
         table."
    ::= { cabhCdpLanAddrEntry 5 }

cabhCdpLanAddrMethod OBJECT-TYPE
    SYNTAX      INTEGER {
                    cmp (1),
                    cdp (2)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The method that created this Address Entry. cmp indicates
         that configuration through the CMP established this row
         (entry). cdp indicates that a DHCP discover established
         this row (entry)."
    ::= { cabhCdpLanAddrEntry 6 }

cabhCdpLanAddrHostName OBJECT-TYPE
    SYNTAX      SnmpAdminString(SIZE(0..80))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "This is the Host Name of the LAN IP address, based on
         DHCP option 12."
    ::= { cabhCdpLanAddrEntry 7 }

cabhCdpLanAddrRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The RowStatus interlock for creation and deletion."
    ::= { cabhCdpLanAddrEntry 8 }

--===================================================================
--
-- cabhCdpWanDataAddrTable (CDP WAN-Data Address Table)
--
-- The cabhCdpWanDataAddrTable contains the configuration or DHCP
-- parameters for each IP address mapping per WAN-Data IP Address.
--
--===================================================================

cabhCdpWanDataAddrTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF CabhCdpWanDataAddrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This table contains WAN-Data address realm information."
    ::= { cabhCdpAddr 2 }

cabhCdpWanDataAddrEntry OBJECT-TYPE
    SYNTAX      CabhCdpWanDataAddrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "List of general parameters for CDP WAN-Data address
         realm."
    INDEX { cabhCdpWanDataAddrIndex }
    ::= { cabhCdpWanDataAddrTable 1 }

CabhCdpWanDataAddrEntry ::= SEQUENCE {
    cabhCdpWanDataAddrIndex         INTEGER,
    cabhCdpWanDataAddrClientId      OCTET STRING,
    cabhCdpWanDataAddrIpType        InetAddressType,
    cabhCdpWanDataAddrIp            InetAddress,
    cabhCdpWanDataAddrRenewalTime   Integer32,
    cabhCdpWanDataAddrRowStatus     RowStatus
    }

cabhCdpWanDataAddrIndex OBJECT-TYPE
    SYNTAX      INTEGER (1..65535)
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "Index into table."
    ::= { cabhCdpWanDataAddrEntry 1 }

cabhCdpWanDataAddrClientId OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE (1..80))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "A unique WAN-Data ClientID used when attempting to
         acquire a WAN-Data IP Address via DHCP."
    ::= { cabhCdpWanDataAddrEntry 2 }

cabhCdpWanDataAddrIpType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The address type assigned on the WAN-Data side."
    DEFVAL { ipv4 }
    ::= { cabhCdpWanDataAddrEntry 3 }

cabhCdpWanDataAddrIp OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The address assigned on the WAN-Data side."
    ::= { cabhCdpWanDataAddrEntry 4 }

cabhCdpWanDataAddrRenewalTime OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "This is the time remaining before the lease expires.
         This is based on DHCP Option 51."
    ::= { cabhCdpWanDataAddrEntry 5 }

cabhCdpWanDataAddrRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The RowStatus interlock for creation and deletion."
    ::= { cabhCdpWanDataAddrEntry 6 }

--===================================================================
--
-- cabhCdpWanDataAddrServerTable (CDP WAN-Data DNS Server Table)
--
-- The cabhCdpWanDataAddrServerTable contains a table of referral DNS
-- Servers.
--
--===================================================================

cabhCdpWanDataAddrServerTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF CabhCdpWanDataAddrServerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This contains the IP addresses used for the WAN-Data DNS
         hosts obtained via the DHCP option 6 during the WAN-Data
         process."
    ::= { cabhCdpAddr 3 }

cabhCdpWanDataAddrServerEntry OBJECT-TYPE
    SYNTAX      CabhCdpWanDataAddrServerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "List of WAN-Data DNS Hosts."
    INDEX { cabhCdpWanDataAddrDnsIpType, cabhCdpWanDataAddrDnsIp }
    ::= { cabhCdpWanDataAddrServerTable 1 }

CabhCdpWanDataAddrServerEntry ::= SEQUENCE {
    cabhCdpWanDataAddrDnsIpType     InetAddressType,
    cabhCdpWanDataAddrDnsIp         InetAddress,
    cabhCdpWanDataAddrDnsRowStatus  RowStatus
    }

cabhCdpWanDataAddrDnsIpType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This parameter indicates the IP address type of a DNS
         server."
    ::= { cabhCdpWanDataAddrServerEntry 1 }

cabhCdpWanDataAddrDnsIp OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This parameter indicates the IP address of a DNS server."
    ::= { cabhCdpWanDataAddrServerEntry 2 }

cabhCdpWanDataAddrDnsRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "The RowStatus interlock for creation and deletion."
    ::= { cabhCdpWanDataAddrServerEntry 3 }

--
-- DHCP Server Side (CDS) Option Values for the LAN-Trans realm
--

cabhCdpLanPoolStartType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Address type of the start of range LAN Trans IP
         Addresses."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 1 }

cabhCdpLanPoolStart OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The start of range LAN Trans IP Addresses."
    DEFVAL { 'c0a8000a'h } -- 192.168.0.10
                           -- 192.168.0.0 is the network number
                           -- 192.168.0.255 is broadcast
                           -- address and 192.168.0.1
                           -- is reserved for the router
    ::= { cabhCdpServer 2 }

cabhCdpLanPoolEndType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Address type of the end of range LAN Trans IP
         Addresses."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 3 }

cabhCdpLanPoolEnd OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The end of range for LAN-Trans IP Addresses."
    DEFVAL { 'c0a800fe'h } -- 192.168.0.254
    ::= { cabhCdpServer 4 }

cabhCdpServerNetworkNumberType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The IP address type of the LAN-Trans network number."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 5 }

cabhCdpServerNetworkNumber OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The LAN-Trans network number."
    DEFVAL { 'c0a80000'h }
    ::= { cabhCdpServer 6 }

cabhCdpServerSubnetMaskType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Type of LAN-Trans Subnet Mask."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 7 }

cabhCdpServerSubnetMask OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 1 - Value of LAN-Trans Subnet Mask."
    DEFVAL { 'ffffff00'h } -- 255.255.255.0
    ::= { cabhCdpServer 8 }

cabhCdpServerTimeOffset OBJECT-TYPE
    SYNTAX      Integer32 (-86400..86400) -- 0-24 hours (in seconds)
    UNITS       "seconds"
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 2 - Value of LAN-Trans Time Offset from
         Coordinated Universal Time (UTC)."
    DEFVAL { 0 } -- UTC
    ::= { cabhCdpServer 9 }

cabhCdpServerRouterType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Type of Address, Router for the LAN-Trans address realm."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 10 }

cabhCdpServerRouter OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 3 - Router for the LAN-Trans address realm."
    DEFVAL { 'c0a80001'h } -- 192.168.0.1
    ::= { cabhCdpServer 11 }

cabhCdpServerDnsAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Type of IP Addresses of the LAN-Trans address realm
         DNS servers."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 12 }

cabhCdpServerDnsAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The IP Addresses of the LAN-Trans address realm DNS
         servers. As a default there is only one DNS server and it
         is the address specified in Option Value 3 -
         cabhCdpServerRouter. Only one address is specified."
    DEFVAL { 'c0a80001'h } -- 192.168.0.1
    ::= { cabhCdpServer 13 }

cabhCdpServerSyslogAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The Type of IP Address of the LAN-Trans SYSLOG servers."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 14 }

cabhCdpServerSyslogAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The IP Addresses of the LAN-Trans SYSLOG servers. As a
         default there are no SYSLOG Servers. The factory default
         contains the value 0.0.0.0, which indicates no Syslog
         Server."
    DEFVAL { '00000000'h } -- 0.0.0.0
    ::= { cabhCdpServer 15 }

cabhCdpServerDomainName OBJECT-TYPE
    SYNTAX      SnmpAdminString(SIZE(0..128))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 15 - Domain name of LAN-Trans address
         realm."
    DEFVAL { "" }
    ::= { cabhCdpServer 16 }

cabhCdpServerTTL OBJECT-TYPE
    SYNTAX      INTEGER (0..255)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 23 - LAN-Trans Time to Live."
    DEFVAL { 64 }
    ::= { cabhCdpServer 17 }

cabhCdpServerInterfaceMTU OBJECT-TYPE
    SYNTAX      INTEGER (68..4096)
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 26 - LAN-Trans Interface MTU."
    ::= { cabhCdpServer 18 }

cabhCdpServerVendorSpecific OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE(0..255))
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 43 - Vendor Specific Options."
    DEFVAL { ''h }
    ::= { cabhCdpServer 19 }

cabhCdpServerLeaseTime OBJECT-TYPE
    SYNTAX      Unsigned32
    UNITS       "seconds"
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 51 - Lease Time for LAN IP Devices in the
         LAN-Trans realm (seconds)."
    DEFVAL { 3600 }
    ::= { cabhCdpServer 20 }

cabhCdpServerDhcpAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 54 - Type of LAN-Trans DHCP server IP
         address."
    DEFVAL { ipv4 }
    ::= { cabhCdpServer 21 }

cabhCdpServerDhcpAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Option value 54 - LAN-Trans DHCP server IP address. It
         defaults to the router address as specified in
         cabhCdpServerRouter. Alternatively a vendor may want to
         separate CDS address from router address."
    DEFVAL { 'c0a80001'h } -- 192.168.0.1
    ::= { cabhCdpServer 22 }

--
-- notification group is for future extension.
--

cabhCdpNotification OBJECT IDENTIFIER ::= { cabhCdpMib 2 0 }
cabhCdpConformance  OBJECT IDENTIFIER ::= { cabhCdpMib 3 }
cabhCdpCompliances  OBJECT IDENTIFIER ::= { cabhCdpConformance 1 }
cabhCdpGroups       OBJECT IDENTIFIER ::= { cabhCdpConformance 2 }

--
-- Notification Group
--

-- compliance statements

cabhCdpBasicCompliance MODULE-COMPLIANCE
    STATUS      current
    DESCRIPTION
        "The compliance statement for devices that implement MTA
         feature."
    MODULE -- cabhCdpMib

    -- unconditionally mandatory groups
    MANDATORY-GROUPS {
        cabhCdpGroup
    }
    ::= { cabhCdpCompliances 3 }

cabhCdpGroup OBJECT-GROUP
    OBJECTS {
        cabhCdpSetToFactory,
        cabhCdpLanTransCurCount,
        cabhCdpLanTransThreshold,
        cabhCdpLanTransAction,
        cabhCdpWanDataIpAddrCount,
        cabhCdpLanAddrClientID,
        cabhCdpLanAddrLeaseCreateTime,
        cabhCdpLanAddrLeaseExpireTime,
        cabhCdpLanAddrMethod,
        cabhCdpLanAddrHostName,
        cabhCdpLanAddrRowStatus,
        cabhCdpWanDataAddrClientId,
        cabhCdpWanDataAddrIpType,
        cabhCdpWanDataAddrIp,
        cabhCdpWanDataAddrRenewalTime,
        cabhCdpWanDataAddrRowStatus,
        cabhCdpWanDataAddrDnsRowStatus,
        cabhCdpLanPoolStartType,
        cabhCdpLanPoolStart,
        cabhCdpLanPoolEndType,
        cabhCdpLanPoolEnd,
        cabhCdpServerNetworkNumberType,
        cabhCdpServerNetworkNumber,
        cabhCdpServerSubnetMaskType,
        cabhCdpServerSubnetMask,
        cabhCdpServerTimeOffset,
        cabhCdpServerRouterType,
        cabhCdpServerRouter,
        cabhCdpServerDnsAddressType,
        cabhCdpServerDnsAddress,
        cabhCdpServerSyslogAddressType,
        cabhCdpServerSyslogAddress,
        cabhCdpServerDomainName,
        cabhCdpServerTTL,
        cabhCdpServerInterfaceMTU,
        cabhCdpServerVendorSpecific,
        cabhCdpServerLeaseTime,
        cabhCdpServerDhcpAddressType,
        cabhCdpServerDhcpAddress
    }
    STATUS      current
    DESCRIPTION
        "Group of objects for CableHome CDB MIB."
    ::= { cabhCdpGroups 1 }

END

5. Acknowledgements

This document was produced by the IPCDN Working Group. It is based on
a document written by Kevin Luehrs from CableLabs, consultant to
CableLabs Roy Spitzer, consultant to CableLabs Mike Mannette,
consultant to CableLabs Rick Vetter, Chris Zacker from Broadcom, and
Itay Sherman from Texas Instruments. Additional thanks go to
Jean-Francois Mule from CableLabs for his guidance.

6. References

[1]  Harrington, D., Presuhn, R. and B. Wijnen, "An Architecture for
     Describing SNMP Management Frameworks", RFC 2571, April 1999.
[2]  Rose, M. and K. McCloghrie, "Structure and Identification of
     Management Information for TCP/IP-based Internets", STD 16,
     RFC 1155, May 1990.

[3]  Rose, M. and K. McCloghrie, "Concise MIB Definitions", STD 16,
     RFC 1212, March 1991.

[4]  Rose, M., "A Convention for Defining Traps for use with the
     SNMP", RFC 1215, March 1991.

[5]  McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Structure of
     Management Information for Version 2 (SMIv2)", STD 58, RFC 2578,
     April 1999.

[6]  McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Textual
     Conventions for SMIv2", STD 58, RFC 2579, April 1999.

[7]  McCloghrie, K., Perkins, D. and J. Schoenwaelder, "Conformance
     Statements for SMIv2", STD 58, RFC 2580, April 1999.

[8]  Case, J., Fedor, M., Schoffstall, M. and J. Davin, "Simple
     Network Management Protocol", STD 15, RFC 1157, May 1990.

[9]  Case, J., McCloghrie, K., Rose, M. and S. Waldbusser,
     "Introduction to Community-based SNMPv2", RFC 1901, January
     1996.

[10] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Transport
     Mappings for Version 2 of the Simple Network Management Protocol
     (SNMPv2)", RFC 1906, January 1996.

[11] Case, J., Harrington D., Presuhn R. and B. Wijnen, "Message
     Processing and Dispatching for the Simple Network Management
     Protocol (SNMP)", RFC 2572, April 1999.

[12] Blumenthal, U. and B. Wijnen, "User-based Security Model (USM)
     for version 3 of the Simple Network Management Protocol
     (SNMPv3)", RFC 2574, April 1999.

[13] Case, J., McCloghrie, K., Rose, M. and S. Waldbusser, "Protocol
     Operations for Version 2 of the Simple Network Management
     Protocol (SNMPv2)", RFC 1905, January 1996.

[14] Levi, D., Meyer, P. and B. Stewart, "SNMP Applications",
     RFC 2573, April 1999.

[15] Wijnen, B., Presuhn, R. and K. McCloghrie, "View-based Access
     Control Model (VACM) for the Simple Network Management Protocol
     (SNMP)", RFC 2575, April 1999.

[16] "CableHome 1.0 Specification CH-SP-I02-020920", CableLabs,
     September 2002,
     http://www.cablelabs.com/projects/cablehome/specifications.

7. Security Considerations

This MIB relates to a system which will provide metropolitan public
Internet access for a cable data service subscriber, via a DOCSIS
cable modem. As such, improper manipulation of the objects represented
by this MIB may result in denial of service to a large number of
end-users. In addition, manipulation of the cabhPsDevConfigFile and
cabhPsDevConfigHash may allow an end-user to increase their service
levels, change the permitted IP address leases, or affect other
end-users in either a positive or negative manner.

There are a number of management objects defined in this MIB that have
a MAX-ACCESS clause of read-write and/or read-create. Such objects may
be considered sensitive or vulnerable in some network environments.
The support for SET operations in a non-secure environment without
proper protection can have a negative effect on network operations.

o  The Cable Gateway Device may have its Portal Services software
   changed by the actions of the management system. An improper
   software load may result in substantial vulnerabilities and the
   loss of the ability of the management system to control the cable
   modem.

o  The device may be reset by setting cabhPsDevResetNow = true(1).
   This causes the device to reload its configuration files as well as
   eliminating all previous non-persistent network management
   settings. As such, this may provide a vector for attacking the
   system.

This MIB does not affect confidentiality of services on a Cable
Gateway device.
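To scope an access-control view around the read-write and read-create objects noted above, it helps to list them with their position under cabhCdpMib. The following is an added example, not part of the draft: the embedded excerpt is a shortened copy of definitions from this MIB module, the function names are hypothetical, and OIDs are given relative to cabhCdpMib because the numeric value of clabProjCableHome is defined outside this document.

```python
import re

# Constructed excerpt: definitions copied from the MIB module in this draft,
# with most DESCRIPTION clauses dropped to keep the sample short.
MIB_EXCERPT = '''
cabhCdpObjects  OBJECT IDENTIFIER ::= { cabhCdpMib 1 }
cabhCdpBase     OBJECT IDENTIFIER ::= { cabhCdpObjects 1 }
cabhCdpAddr     OBJECT IDENTIFIER ::= { cabhCdpObjects 2 }
cabhCdpServer   OBJECT IDENTIFIER ::= { cabhCdpObjects 3 }

cabhCdpSetToFactory OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    ::= { cabhCdpBase 1 }

cabhCdpLanTransCurCount OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    ::= { cabhCdpBase 2 }

cabhCdpWanDataIpAddrCount OBJECT-TYPE
    SYNTAX      INTEGER ( 0..63 )
    MAX-ACCESS  read-write
    STATUS      current
    ::= { cabhCdpBase 5 }

-- CDP WAN-Data Address Table
cabhCdpWanDataAddrTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF CabhCdpWanDataAddrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    ::= { cabhCdpAddr 2 }

cabhCdpWanDataAddrEntry OBJECT-TYPE
    SYNTAX      CabhCdpWanDataAddrEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    INDEX { cabhCdpWanDataAddrIndex }
    ::= { cabhCdpWanDataAddrTable 1 }

cabhCdpWanDataAddrClientId OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE (1..80))
    MAX-ACCESS  read-create
    STATUS      current
    ::= { cabhCdpWanDataAddrEntry 2 }

cabhCdpServerDnsAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "The IP Addresses of the LAN-Trans address realm DNS servers."
    DEFVAL { 'c0a80001'h } -- 192.168.0.1
    ::= { cabhCdpServer 13 }
'''

WRITABLE = {"read-write", "read-create"}

# name, macro body, parent name, sub-identifier(s) of one OID assignment
ASSIGNMENT = re.compile(
    r"\b([a-z][A-Za-z0-9-]*)\s+(?:OBJECT\s+IDENTIFIER|OBJECT-TYPE)\b"
    r"(.*?)::=\s*\{\s*([a-z][A-Za-z0-9-]*)\s+((?:\d+\s*)+)\}",
    re.DOTALL,
)


def parse_nodes(mib_text):
    """Map each node name to its parent, sub-identifiers and MAX-ACCESS."""
    text = re.sub(r'"[^"]*"', '""', mib_text)   # quoted text may hold anything
    text = re.sub(r"--[^\n]*", "", text)        # comments, taken to end of line
    nodes = {}
    for name, body, parent, subids in ASSIGNMENT.findall(text):
        access = re.search(r"MAX-ACCESS\s+([a-z-]+)", body)
        nodes[name] = {
            "parent": parent,
            "subids": [int(s) for s in subids.split()],
            "access": access.group(1) if access else None,
        }
    return nodes


def oid_path(nodes, name):
    """Walk up to the first node not defined in the text (the root)."""
    parts = []
    while name in nodes:
        parts = nodes[name]["subids"] + parts
        name = nodes[name]["parent"]
    return name, tuple(parts)


def writable_objects(mib_text):
    """Return (name, access, relative OID) for every SET-capable object."""
    nodes = parse_nodes(mib_text)
    rows = []
    for name, node in nodes.items():
        if node["access"] in WRITABLE:
            root, path = oid_path(nodes, name)
            rows.append((path, name, node["access"], root))
    rows.sort()                                  # numeric OID order
    return [(n, a, r + "." + ".".join(map(str, p))) for p, n, a, r in rows]


if __name__ == "__main__":
    for name, access, oid in writable_objects(MIB_EXCERPT):
        print(f"{oid:<24} {access:<12} {name}")
```
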
Since a CableLabs CableHome-compliant Cable Gateway Device accesses
the Internet through a DOCSIS compliant cable modem, the privacy
mechanism defined for a DOCSIS cable modem in [18] is a mechanism by
which a Cable Gateway device could be ensured confidentiality of
service.

SNMPv1 by itself is not a secure environment. Even if the network
itself is secure (for example by using IPSec), even then, there is no
control as to who on the secure network is allowed to access and
GET/SET (read/change/create/delete) the objects in this MIB.

It is recommended that the implementers consider the security features
as provided by the SNMPv3 framework. Specifically, the use of the
User-based Security Model [12] and the View-based Access Control Model
[15] is recommended.

It is then a customer/user responsibility to ensure that the SNMP
entity giving access to an instance of this MIB, is properly
configured to give access to the objects only to those principals
(users) that have legitimate rights to indeed GET or SET
(change/create/delete) them.

8. Intellectual Property

The IETF takes no position regarding the validity or scope of any
intellectual property or other rights that might be claimed to pertain
to the implementation or use of the technology described in this
document or the extent to which any license under such rights might or
might not be available; neither does it represent that it has made any
effort to identify any such rights. Information on the IETF's
procedures with respect to rights in standards-track and
standards-related documentation can be found in BCP-11. Copies of
claims of rights made available for publication and any assurances of
licenses to be made available, or the result of an attempt made to
obtain a general license or permission for the use of such proprietary
rights by implementors or users of this specification can be obtained
from the IETF Secretariat.

The IETF invites any interested party to bring to its attention any
copyrights, patents or patent applications, or other proprietary
rights which may cover technology that may be required to practice
this standard. Please address the information to the IETF Executive
Director.

9. Author's Address

Doug Jones
YAS BBV
400 Centennial Parkway
Louisville, CO 80027
USA
phone: +1 303 661 6823
email: doug@yas.com

10. Full Copyright Statement

Copyright (C) The Internet Society (1999). All Rights Reserved.

This document and translations of it may be copied and furnished to
others, and derivative works that comment on or otherwise explain it
or assist in its implementation may be prepared, copied, published and
distributed, in whole or in part, without restriction of any kind,
provided that the above copyright notice and this paragraph are
included on all such copies and derivative works. However, this
document itself may not be modified in any way, such as by removing
the copyright notice or references to the Internet Society or other
Internet organizations, except as needed for the purpose of developing
Internet standards in which case the procedures for copyrights defined
in the Internet Standards process must be followed, or as required to
translate it into languages other than English.

The limited permissions granted above are perpetual and will not be
revoked by the Internet Society or its successors or assigns.

This document and the information contained herein is provided on an
"AS IS" basis and THE INTERNET SOCIETY AND THE INTERNET ENGINEERING
TASK FORCE DISCLAIMS ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING BUT
NOT LIMITED TO ANY WARRANTY THAT THE USE OF THE INFORMATION HEREIN
WILL NOT INFRINGE ANY RIGHTS OR ANY IMPLIED WARRANTIES OF
MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.

Acknowledgement

Funding for the RFC Editor function is currently provided by the
Internet Society.